Asked by:

How to provide anonymous access to a custom ASPX page in _layouts folder?

Question

We have a sharepoint site which is a public facing site and when user tries to access the site, it will ask for authentication.

However for one of the ASPX page (that I created and copied to _layouts folder within 12 hive), I do not want the users to be asked with authentication
if they have already accessed the site in the last 90 days or so. In case if they have not accessed, then I would like to trap their windows login and use the same as 'current user'. If either of the above fails, then I would like to ask for authentication.

In case if the above cannot be done at page level, then I can consider doing the same at site level.

Please suggest.

PS: In case if this needs any programming (or related), please move to development forum.How to provide anonymous access to a custom ASPX page
in _layouts folder?

We have a sharepoint site which is a public facing site and when user tries to access the site, it will ask for authentication.

However for one of the ASPX page (that I created and copied to _layouts folder within 12 hive), I do not want the users to be asked with authentication
if they have already accessed the site in the last 90 days or so. In case if they have not accessed, then I would like to trap their windows login and use the same as 'current user'. If either of the above fails, then I would like to ask for authentication.

In case if the above cannot be done at page level, then I can consider doing the same at site level.

Please suggest.

PS: In case if this needs any programming (or related), please move to development forum.

The ASPX page I am using (from _Layouts folder) is like a server page with first few lines that look like below. I do not know how to incorporate the above code into this type of ASPX file. Please suggest.

Surprised to see "Unproposed As Answer by Mike
Walsh FIN" , I am not aware of rules for unproposing any answer , you should not proposed your own thread as an answer , but if someone is proposing your thread then it should not be unproposed by moderator...

even Mike has quoted in some threads that "NEVER propose your own posts as answers. The function is there for people to propose the good answers of
other people. Not for self-proposing."

There are various cases where a Moderator has good reason for un-proposíng a proposed answer.

Here are a few: (not all, but perhaps the most common ones)

1. when the poster proposes his own post (as you mention)

2. when there is a better answer in the thread.

3. when the OP comes back with a post that says that the proposed post did not answer his question.

4. when the OP comes back with a post that says that he actually meant something else.

In order to do any of 2. 3. or 4. the entire thread or at least two posts in the thread need to be considered. Clearly this takes time and therefore will not be done in every thread with a proposed post or by every Moderator.

In this thread the reason for unproposing was 4. because the OP later wrote "thanks but I think I didn't phrase my question properly. "

I hope this answers your question. There aren't that many times I unpropose posts (or unmark posts as answers) but when I do so it's justified. (Or at least it should be - I am human and get things wrong occasionally)

Mike

P.S. There is also 5. When I think the answer is technically wrong - a clear case of that being if someone had written that Windows Internal Database for WSS 3.0 has a database size limit of 4GB.

There are guidelines somewhere but in the end it's down to the individual Moderator where he stretches/bends them. (One example being self-proposing which I dislike because there are too many "false positives" in proposals made by the poster him/herself.)

For better or worse I am probably one of the more active Moderators (and the usual "rule" is that the more you do, the more there is that people can object to) - some like this, some don't. In my experience the newcomers don't like it and the old hands do
- but often enough newcomers become old hands and change their opinion.

The custom ASPX page is in _layouts folder (as discussed with Ganesh above) but the page still goes through authentication (meaning when I redirect to this page, user is being asked to authenticate. This is a windows authenticated public facing site).

Ganesh : I didn't mark as answer as authentication is failing. The code examples we discussed seems to be working fine and I thought of answering for that but then it will mean that the entire solution (authentication issue) is also resolved. Sorry about
that.

I have added an application page to my solution. This page doesn't require authentication. I have removed the DynamicMasterPage attribute from the Page directive. I have inherited from UnsecuredLayoutsPageBase. And I override the AllowAnonymousAccess to
always return true. Yet, it redirects to the AccessDenied.aspx when I try to access the page through the browser. How do I setup anonymous access for a specific page? I am using FBA authentication for the rest of the site.